unom

Creative web development from Rottweil

Rottweil

@unom/cms (0.2.0)

Published 2026-06-20 14:45:09 +00:00 by enricobuehler

Installation

@unom:registry=https://git.unom.io/api/packages/unom/npm/
npm install @unom/cms@0.2.0
"@unom/cms": "0.2.0"

About this package

unom/cms

Payload CMS for unom — content for unom.io (legal pages, blocks) and future unom services. Next.js 16, Payload 3.x, Postgres via mTLS (data.unom.io), media on RustFS (unom-cms-media), Lexical editor, locales de + en.

Layout

src/
├── env.ts                       typed env reader, no @played dep
├── certs.ts                     reads /certs/* mounted by cert-renewer
├── payload.config.ts            collections, globals, blocks, db, s3
├── collections/                 Users, Media, Pages
├── globals/                     Header, Footer
├── blocks/                      Hero, Section, RichText, Image, FAQ, Navigation
└── app/
    ├── (payload)/               Payload admin + REST + GraphQL routes
    └── (frontend)/              minimal landing redirect to /admin
Dockerfile                       bun deps, node 25 next build, node 25 runner (standalone)
compose.production.yml           cert-init + cert-renewer + web; web binds 3050:3000
scripts/provision-client-certs.sh  issues the Postgres client cert (CN=cms)
.gitea/workflows/deploy.yml      build image → push to git.unom.io/unom/cms → SSH deploy

Local dev

bun install
cp .env.example .env       # fill S3_* and POSTGRES_PASSWORD
bun run dev                # localhost:3050

For a local DB, point POSTGRES_HOST/PORT/USER/PASSWORD at any disposable Postgres. Without /certs/, certs.hasPgClient is false, so SSL is skipped.
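The SSL-skip fallback above is appropriate for local dev only. As an added example (not the project's certs.ts), the resolver below fails closed in production and rejects a half-issued pair. The names resolvePgSsl and makeSampleCertDir, the caPath parameter and the key-permission policy are assumptions; the file names come from the /certs/pg-client.{crt,key} mount described in this README.

```typescript
import { chmodSync, existsSync, mkdtempSync, readFileSync, statSync, writeFileSync } from "node:fs";
import { tmpdir } from "node:os";
import { join } from "node:path";

// Object form uses Node TLS option names (cert, key, ca, rejectUnauthorized).
type PgSsl = false | { cert: string; key: string; ca?: string; rejectUnauthorized: boolean };

// Hypothetical helper, not the project's certs.ts. certDir defaults to the
// /certs mount from the README; caPath is an assumed optional CA bundle path.
function resolvePgSsl(nodeEnv: string | undefined, certDir = "/certs", caPath?: string): PgSsl {
  const certFile = join(certDir, "pg-client.crt");
  const keyFile = join(certDir, "pg-client.key");
  const hasCert = existsSync(certFile);
  const hasKey = existsSync(keyFile);

  // Half a pair usually means a failed issue/renew; never connect with it.
  if (hasCert !== hasKey) throw new Error(`incomplete client cert pair in ${certDir}`);

  if (!hasCert) {
    // Skipping TLS is acceptable only for local dev against a disposable database.
    if (nodeEnv === "production") {
      throw new Error(`no client cert in ${certDir}; refusing non-TLS Postgres in production`);
    }
    return false;
  }

  // Assumed policy: the private key must not be readable by group or other.
  if ((statSync(keyFile).mode & 0o077) !== 0) {
    throw new Error(`${keyFile} is readable by group/other`);
  }

  return {
    cert: readFileSync(certFile, "utf8"),
    key: readFileSync(keyFile, "utf8"),
    ...(caPath ? { ca: readFileSync(caPath, "utf8") } : {}),
    rejectUnauthorized: true, // verify the server certificate chain
  };
}

// Constructed sample input: placeholder files, not real key material.
function makeSampleCertDir(files: string[], keyMode = 0o600): string {
  const dir = mkdtempSync(join(tmpdir(), "certs-"));
  for (const name of files) writeFileSync(join(dir, name), `constructed placeholder: ${name}\n`);
  if (files.indexOf("pg-client.key") !== -1) chmodSync(join(dir, "pg-client.key"), keyMode);
  return dir;
}
```

The returned value is meant to be passed as the `ssl` option of the Postgres pool; pass caPath when the server certificate is issued by a private CA.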

Production deployment

CI:

  1. Builds git.unom.io/unom/cms:latest + :<sha>.
  2. Stages ~/unom-cms-secrets/.env and the Step-CA provisioner password on unom-1.
  3. scps compose.production.yml + scripts/.
  4. docker compose pull && up -d.

On unom-1 the stack is:

  • cert-init (one-shot): issues /certs/pg-client.{crt,key} from Step-CA, CN=cms.
  • cert-renewer (daemon): renews the client cert.
  • web (Next.js standalone): listens on container :3000, host :3050; reads /app/.env + /certs/*; reaches Postgres at data.unom.io:5432 via the extra_hosts: data.unom.io:host-gateway mapping.

Required CI secrets

Secret                         Source
DEPLOY_*, REGISTRY_*           Inherited from unom org-level secrets
STEP_CA_PROVISIONER_PASSWORD   Inherited from unom org
CMS_ENV                        Full body of the production .env — Payload secret, Postgres + RustFS creds, etc.

First-time bootstrap on the VM

Before the first deploy run can succeed, the data plane (unom/data) must have created the cms_prod database and a cms role with the following grant:

CREATE ROLE cms WITH LOGIN;
CREATE DATABASE cms_prod OWNER cms;
GRANT ALL ON DATABASE cms_prod TO cms;

Payload's payload migrate (run in CI via npm run ci in the Dockerfile) creates all the schema from there.

Dependencies

Dependencies

ID Version
@payloadcms/db-postgres ^3.85.1
@payloadcms/next ^3.85.1
@payloadcms/plugin-mcp ^3.85.1
@payloadcms/plugin-multi-tenant ^3.84.1
@payloadcms/plugin-seo ^3.85.1
@payloadcms/richtext-lexical ^3.85.1
@payloadcms/storage-s3 ^3.85.1
@payloadcms/ui ^3.85.1
cross-env ^10.1.0
graphql ^17.0.1
next 16.2.9
payload ^3.85.1
react 19.2.7
react-dom 19.2.7
sharp ^0.35.1

Development Dependencies

ID Version
@biomejs/biome 2.5.0
@types/node ^26.0.0
@types/react ^19.2.17
@types/react-dom ^19.2.3
tsdown ^0.22.3
typescript ^6.0.3
Assets (1)
cms-0.2.0.tgz 8.6 KiB
Versions (3)
0.3.0 2026-06-20
0.2.0 2026-06-20
0.1.0 2026-05-26